Commit Graph

694 Commits

Author SHA1 Message Date
Steffen Jaeckel
7d418b34b3 Fix GCM counter reuse
GCM should error out after processing (2^32)-1 blocks / (2^39)-256 bits
2016-09-28 20:18:09 +02:00
Karel Miko
6ad5225268 removing forgotten debug comment 2016-07-07 15:03:33 +02:00
Steffen Jaeckel
bb56ef08eb bring coverage results near reality 2016-04-03 17:45:16 +02:00
Steffen Jaeckel
892342c769 automatically determine the number of parallel make jobs for the tests 2016-04-03 14:12:27 +02:00
Steffen Jaeckel
da3ade0807 increase coverage by running 'sizes' and 'constants' 2016-04-03 14:12:27 +02:00
Steffen Jaeckel
1c6c02e18d fix gitignore 2016-04-03 14:12:27 +02:00
Steffen Jaeckel
f2f1b61164 Merge pull request #115 from fperrad/install
install without USER and GROUP
2016-04-03 01:46:24 +02:00
Francois Perrad
5d5694dbc4 install without USER and GROUP
like in libtommath.
really more friendly for packaging.
2016-04-01 09:26:28 +02:00
Steffen Jaeckel
912eff4949 make testprof/makefile silent 2016-01-23 19:11:30 +01:00
Steffen Jaeckel
61d730323a introduce new all_test make-target 2016-01-23 19:11:30 +01:00
Steffen Jaeckel
23cad07701 refactor makefile a bit more 2016-01-23 19:00:23 +01:00
Steffen Jaeckel
d1eeecb137 fix some compiler warnings 2016-01-23 18:59:44 +01:00
Steffen Jaeckel
4572357e87 make easily built demos in a template 2016-01-23 18:59:30 +01:00
Steffen Jaeckel
7c9450084f fix some compile errors 2016-01-23 18:42:50 +01:00
Steffen Jaeckel
3184c6d8a0 Merge branch 'miko-GCM-HPUX-IA64-fix' into develop
This closes #100
2016-01-23 18:11:01 +01:00
Karel Miko
966496ea1a fixing GCM troubles at HP-UX/IA64 2016-01-23 18:09:03 +01:00
Steffen Jaeckel
a6417387c0 make check_defines silent 2016-01-23 17:06:57 +01:00
Steffen Jaeckel
6905e4113f make build process silent 2016-01-19 00:38:05 +01:00
Steffen Jaeckel
de15a6fad9 Merge branch 'miko-const-int-fix' into develop
This closes #92 and closes #96
2016-01-19 00:04:27 +01:00
Karel Miko
af77f1fae9 RORc instead of ROR 2016-01-19 00:03:54 +01:00
Karel Miko
d0a534393a fix for issue #92 - const is meaningless on cast type 2016-01-19 00:03:54 +01:00
Steffen Jaeckel
4a3b53dbee Merge branch 'miko-avoid-declaration-after-statements' into develop
This closes #101
2016-01-14 21:47:16 +01:00
Karel Miko
15b3f39a4f avoid using declaration after statements (rng_win32) 2016-01-14 21:46:53 +01:00
Karel Miko
7c1e251e75 avoid using declaration after statements 2016-01-14 21:46:53 +01:00
Steffen Jaeckel
f108863dc3 Merge branch 'miko-ecc_ansi_x963_export-fix' into develop
This closes #58 and closes #99
2016-01-14 21:33:04 +01:00
Steffen Jaeckel
10e577e24a there's no need to check out on function entry
...someone could then do something like this...

unsigned char* out = NULL;
unsigned long len = 0;
while(ecc_ansi_x963_export(key, out, &len) == CRYPT_BUFFER_OVERFLOW &&
	len == 0) {
  out = malloc(len);
}

...as if someone would ever like to do something like that...
2016-01-14 21:32:33 +01:00
Karel Miko
42bad9f580 fix for issue #58 - possible overflow in ecc_ansi_x963_export 2016-01-11 00:25:13 +01:00
Steffen Jaeckel
af70cb6a01 Merge remote-tracking branch 'km/miko-setbit-fix' into develop
This closes #91
2016-01-11 00:23:25 +01:00
Karel Miko
8cf7eb1801 fix for issue #91 - redefinition of macro "setbit" 2016-01-10 18:45:04 +01:00
Steffen Jaeckel
7c2ff8ebfe show ROtate operator configuration in build settings
[skip ci]
2016-01-05 23:55:06 +01:00
Steffen Jaeckel
645a82d9e6 travis: update local package index as first step 2016-01-05 23:24:47 +01:00
Steffen Jaeckel
012dfe8001 Make the build output cleaner so diagnostics are easier to spot
Signed-off-by: Tom St Denis <tstdenis82@gmail.com>
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2015-12-05 14:31:38 +01:00
Steffen Jaeckel
8def190877 Merge branch 'fix/hkdf' into develop
This fixes #81
2015-12-05 14:31:38 +01:00
Steffen Jaeckel
f5016d88dd Prevent undefined behavior
Don't call XMEMCPY() in case info (the source parameter to memcpy) is NULL
as this would trigger UB
2015-12-05 14:31:38 +01:00
Steffen Jaeckel
318dbbccc3 fix wrongly used LTC_ARGCHK/LTC_ARGCHKVD macros 2015-12-05 14:31:37 +01:00
Steffen Jaeckel
460b8716c9 fix clang-analyzer warnings
This fixes #80
2015-12-05 14:31:01 +01:00
Steffen Jaeckel
16f397d55c prevent segfault in case we hit an empty sequence 2015-09-10 19:17:42 +02:00
Steffen Jaeckel
d4945ac521 add (nearly) all defines from tomcrypt_custom.h to crypt_build_settings
... and provide a new make target to check if something is missing
2015-09-08 21:09:49 +02:00
Steffen Jaeckel
0b140206cf Merge branch 'feature/rsa-crt_hardening' into develop
This fixes #77
2015-09-08 21:04:54 +02:00
Steffen Jaeckel
733c52aa00 add LTC_RSA_CRT_HARDENING to crypt_build_settings 2015-09-08 21:04:33 +02:00
Steffen Jaeckel
01f1845402 harden RSA CRT by implementing the proposed countermeasure
... from ch. 1.3 of [1]

[1] https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
2015-09-08 02:44:17 +02:00
Steffen Jaeckel
19e2526b82 add some make targets regarding code coverage 2015-09-08 02:35:35 +02:00
Steffen Jaeckel
7db5760c91 add possibility to create combined coverage
Define the environment variable LTC_COVERAGE to something, run testme.sh
with all the coverage compile time options enabled and then 'make lcov'
creates the combined coverage for all combinations of compile-time
options handled in testme.sh.

e.g. LTC_COVERAGE=1 ./testme.sh "makefile -j3" "-DUSE_LTM -DLTM_DESC -I../libtommath -fprofile-arcs -ftest-coverage" "../libtommath/libtommath.a -lgcov"
2015-09-08 01:36:13 +02:00
Steffen Jaeckel
21ed315527 ignore output of 'make doxy' 2015-09-08 01:14:57 +02:00
Steffen Jaeckel
fd94034ba7 sort HEADERS in makefiles, so it doesn't change spontaneously 2015-09-01 17:36:43 +02:00
Steffen Jaeckel
6ec93afa3c clean-up test-build and extend tomcrypt_custom.h
added LTC_MINIMAL to be able do a build without nearly any
functionality :)
make sure timing resistant RSA & ECC are enabled if not said otherwise
2015-09-01 17:36:43 +02:00
Steffen Jaeckel
8cb20e6059 add more DES test vectors 2015-08-31 15:09:36 +02:00
Steffen Jaeckel
eb26b7efd4 Merge branch 'fix/ccm_constant_time' into develop
This closes #73 and closes #76
2015-08-26 00:16:09 +02:00
Sebastian Verschoor
75b114517a make sure no cache-based timing attack is possible
instead of two different buffers, there is just one buffer. Based upon the verification result, a mask is applied to the buffer before it is written to the output buffer.
2015-08-26 00:08:38 +02:00
Steffen Jaeckel
09e4b0ec9b don't reveal plaintext if authentication failed
Create two buffers of the same size as the input data.
Copy the input data to the first one and work with that version to hold the
decrypted data, zeroize the second one.
Copy depending on the verification result, either the zero-buffer or the
real plaintext to the output buffer.
2015-08-26 00:08:38 +02:00